Ok.. So, what you mean is to have 2 modules - (1). mod_ssl to implement the
HTTPS stuff, and (2). mod_tls which does just the SSL filtering. That's
great !!..
So, in that case, is it worthwhile to rename mod_tls to something like
ssl_filter and mod_ssl to mod_https ?..
Thanks
-Madhu
-----Original Message-----
From: Ryan Bloom [mailto:[EMAIL PROTECTED]]
Sent: Thursday, August 23, 2001 9:37 AM
To: [EMAIL PROTECTED]; MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
Subject: Re: mod_tls
Because mod_ssl only implements the SSL wrapping for HTTP. The idea is that
the filters go in mod_tls, and mod_ssl just has the logic to make the
filters work
for HTTP. That way, SSL can work with POP3, NNTP, and the proxy.
Ryan
On Thursday 23 August 2001 09:33, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
wrote:
> Why ?..I see mod_ssl as a superset of mod_tls.. Both mod_tls and mod_ssl
> are capable of SSL & TLS protocol comm., and they both use the same
utility
> (OpenSSL) for achieving it..
> (AFAIK, mod_ssl goes a step further by being compatible with SSL-C).
>
> The only reason why mod_tls has to be maintained (if at all) is because
> it's a lot simple to understand and easier to manipulate..
>
> Just my thoughts..
> -Madhu
>
> -----Original Message-----
> From: Ryan Bloom [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, August 23, 2001 7:55 AM
> To: [EMAIL PROTECTED]; Greg Ames
> Subject: Re: mod_tls
>
>
>
> At some point, the mod_ssl filters should be removed from mod_ssl, and put
> into mod_tls. That way, the same filters can be used for the proxy, and
> other
> protocols, without the mod_ssl wrapper stuff.
>
> Ryan
>
> On Thursday 23 August 2001 06:41, Greg Ames wrote:
> > Cliff Woolley wrote:
> > > I'm sure this has been discussed, but someone please remind me what
was
> > > decided. Are we going to continue to maintain mod_tls? I'm sure
there
> > > are some changes that have been made to mod_ssl that would need to be
> > > ported over to mod_tls if we are.
> >
> > <disclaimer: definately not an expert on this stuff>
> >
> > I believe mod_tls is a layer that isolates mod_ssl from the filter chain
> > in 2.0. So we need both. If someone wrote an alterative to mod_ssl,
> > presumably that would use mod_tls as well.
> >
> > Greg
--
______________________________________________________________
Ryan Bloom [EMAIL PROTECTED]
Covalent Technologies [EMAIL PROTECTED]
--------------------------------------------------------------
